Hacker News
- Dev corrupts NPM libs 'colors' and 'faker', breaking thousands of apps https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/ 1063 comments
Lobsters
- Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/ 116 comments javascript, programming, security
- Interested to see what the long term response will be for log4j and other widely used open source projects https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/ 3 comments programming
- Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/ 413 comments webdev
Linking pages
- BIG sabotage: Famous npm package deletes files to protest Ukraine war https://www.bleepingcomputer.com/news/security/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war/ 624 comments
- Open source developers, who work for free, are discovering they have power | TechCrunch https://techcrunch.com/2022/01/18/open-source-developers-who-work-for-free-are-discovering-they-have-power/ 437 comments
- Open source developer corrupts widely-used libraries, affecting tons of projects - The Verge https://www.theverge.com/2022/1/9/22874949/developer-corrupts-open-source-libraries-projects-affected 337 comments
- When will we learn? https://drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html 183 comments
- “Protestware”: A Slippery Slope | codeshaunted https://codeshaunted.com/2022/03/23/protestware-a-slippery-slope.html 167 comments
- Protestware on the rise: Why developers are sabotaging their own code • TechCrunch https://techcrunch.com/2022/07/27/protestware-code-sabotage/ 121 comments
- GitHub - PayDevs/awful-oss-incidents: 🤬 A categorized list of incidents caused by unappreciated OSS maintainers or underfunded OSS projects. Feedback welcome! https://github.com/PayDevs/awful-oss-incidents 118 comments
- hozy.dev https://hozy.dev/posts/trusting-trust/ 23 comments
- GitHub - cugu/gocap: List your dependencies capabilities and monitor if updates require more capabilities. https://github.com/cugu/gocap 19 comments
- Is open source activism a threat? How to protect yourself | Bytesafe https://bytesafe.dev/posts/open-source-activism-npm-colors-faker/ 10 comments
- Week in Ethereum News January 15, 2022 – Week in Ethereum News https://weekinethereumnews.com/week-in-ethereum-news-january-15-2022 8 comments
- Mozilla Firefox and Chromium in the new threat landscape: electron, browser security, forks, and Rust | by OpenGears | CodeX | Medium https://opengears.medium.com/mozilla-firefox-and-chromium-in-the-new-threat-landscape-electron-browser-security-forks-and-cbf8de716dfd 6 comments
- Securing the open source supply chain with Feross Aboukhadijeh on the launch of Socket (The Changelog #482) |> Changelog https://changelog.com/podcast/482 2 comments
- Avoiding rogue Node.js packages with good version dependencies in package.json | by David Herron | ITNEXT https://medium.com/@7genblogger/avoiding-rogue-node-js-packages-with-good-version-dependencies-in-package-json-f586b9ec6e98?sk=8625bd73f9117b52f285455dd39317f0 2 comments
- npm install turboencabulator • George Mandis https://george.mand.is/2022/01/npm-install-turboencabulator/ 1 comment
- Open Source Software Faces Threats of Protestware and Sabotage | WIRED https://www.wired.com/story/open-source-sabotage-protestware/ 0 comments
- Free OSS Tools to Defend Against Malicious NPM Packages https://jfrog.com/blog/mind-your-dependencies-defending-against-malicious-npm-packages/ 0 comments
- “Cooperation Was Our Way Of Life” - by Tyler Berbert https://tylerberbert.substack.com/p/cooperation 0 comments
- Open source 'Package Analysis' tool finds malicious npm, PyPI packages https://www.bleepingcomputer.com/news/security/open-source-package-analysis-tool-finds-malicious-npm-pypi-packages/ 0 comments
- Open Source & Sustainability | CSS-Tricks - CSS-Tricks https://css-tricks.com/open-source-sustainability/ 0 comments